Hi @Lucas Cunha,
Your case may be different, but this often happens for one of two reasons.
- Azure AD was unable to identify the SAML request within the URL parameters in the HTTP request. This can happen if the application is not using HTTP redirect binding when sending the SAML request to Azure AD, and you can resolve this by sending the SAML request encoded into the location header using HTTP redirect binding.
- If you're getting the reply URL error for this situation and only for certain users, this can happen if the sign-in request does not contain an explicit reply URL. In this case Azure AD will select any of the configured reply URLs for that application. Even if the application has an explicit reply URL configured, the user may be redirected to https://127.0.0.1:444.
- The troubleshooting guide says that deleting any unused reply URLs will help resolve this error.
- Delete the unused reply URLs configured for the application.
- Open the Azure portal and sign in as a Global Administrator or Co-admin.
- Open the Azure Active Directory Extension by selecting All services at the top of the main left-hand navigation menu.
- Type "Azure Active Directory" in the filter search box and select the Azure Active Directory item.
- Select Enterprise Applications from the Azure Active Directory left-hand navigation menu.
- Select All Applications to view a list of all your applications.
- If you do not see the application you want show up here, use the Filter control at the top of the All Applications List and set the Show option to All Applications.
- Select the application you want to configure for single sign-on.
- Once the application loads, open Basic SAML configuration. In the Reply URL (Assertion Consumer Service URL), delete unused or default Reply URLs created by the system. For example, https://127.0.0.1:444/applications/default.aspx.
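
To check a captured sign-in redirect for the two causes above, the following added example (not part of the original answer or any Microsoft tooling) encodes an AuthnRequest with HTTP redirect binding and decodes one to report whether the `SAMLRequest` parameter is present and whether an explicit reply URL is set. The sample request, issuer and URLs are constructed placeholders, and the function names are hypothetical.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET
import zlib

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample request; ID, timestamp, issuer and URLs are placeholders.
SAMPLE_AUTHN_REQUEST = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'ID="_example123" Version="2.0" IssueInstant="2024-01-01T00:00:00Z" '
    'AssertionConsumerServiceURL="https://app.example.com/saml/acs">'
    '<saml:Issuer>https://app.example.com/sp</saml:Issuer>'
    '</samlp:AuthnRequest>'
)


def encode_redirect(xml_text, idp_sso_url):
    """HTTP redirect binding: raw DEFLATE, then base64, then URL-encode."""
    comp = zlib.compressobj(wbits=-15)  # -15 selects raw DEFLATE (no zlib header)
    deflated = comp.compress(xml_text.encode("utf-8")) + comp.flush()
    b64 = base64.b64encode(deflated).decode("ascii")
    # urlencode percent-escapes '+', '/' and '=' so the value survives the query string
    return idp_sso_url + "?" + urllib.parse.urlencode({"SAMLRequest": b64})


def inspect_redirect(url):
    """Report the two conditions described in the answer for one redirect URL.

    Intended for URLs captured from your own application; parse untrusted
    XML with a hardened parser such as defusedxml instead.
    """
    params = urllib.parse.parse_qs(urllib.parse.urlparse(url).query)
    if "SAMLRequest" not in params:
        # Cause 1: the request is not carried in the URL parameters
        return {"has_saml_request": False, "acs_url": None}
    raw = base64.b64decode(params["SAMLRequest"][0])
    root = ET.fromstring(zlib.decompress(raw, wbits=-15))
    if root.tag != "{%s}AuthnRequest" % SAMLP_NS:
        raise ValueError("SAMLRequest does not contain an AuthnRequest")
    # Cause 2: acs_url is None when the request carries no explicit reply URL
    return {"has_saml_request": True,
            "acs_url": root.get("AssertionConsumerServiceURL")}
```

An `acs_url` of `None` means the identity provider chooses among the configured reply URLs, which is the situation where unused entries cause the redirect described above.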